Security Engineer 

■ Your Role and Responsibilities 

• Help define security requirements within the cloud environment around automation CI/CD, access controls,authorization, authentication, network, automated compliance, alerting and forensics
• Assist with application security testing and code reviews
• Perform security reviews, identifying gaps in secure architecture and design
• Co-create security policies and standards
• Review and design application security controls
• Research information security standards for adoption
• Develop secure coding policies, procedures and standards
• Engage with the engineering teams to review and update Software Development Life Cycle (SDLC) to include necessary security checkpoints, code review methodologies, etc. Job Details Write bug reports Recommend bug fixes Create threat models Recommend secure design patterns Interface with product team and partners concerning security programs and testing Deliver training and guidance to both security and deve etc... How many years of experience in this role 7~15 years Qualifications, Experience, skills, knowledge [MUST] Solid understanding of public cloud (Azure, AWS, GCS, etc)
• Practical application of secure engineering principles
• Practical experience with SAST and DAST tools and workflows
• Working knowledge of vulnerability/compliance, patch management, anti-malware, APT, identity and access control management toolsets
• Experience with third party tools (e.g. Splunk, Elastisearch etc) to analyze systems and audit logs to identify anomalies, threats, potential vulnerabilities, configuration errors, zero-days, and breaches
• Threat modeling

■ Work Location

・Tokyo

■ Experience and Qualifications 

• Experience integrating automated security tools into CI/CD pipeline
• Proven working experience within software development industry
• Excellent interpersonal and communication skillsProven working experience in conducting DevSecOps in an agile work environment
• Hands-on development experience with at least one of the following programming languages: Python, Typescript, Java, Scala, Go
• Proven working experience with DevOps container/orchestration tools (ie: Docker, Kubernetes, etc.)
• Knowledge of continuous delivery and Application Lifecycle Management tools (Jenkins, Bamboo, JIRA, SVN, Git, Nexus, etc.)
• Japanese: N5 Japanese skills desirable but not strictly necessary
• English: Business level or above